# -*- coding: utf-8 -*-

import token as Token
from django.http import JsonResponse

# API 接口装饰器
def auth_permission_require(perm=''):
    def decorator(view_func):
        def _warpped_view(request, *args, **kwargs):
            # 格式化权限
            pass

            # 验证
            if request.user.is_authenticated:
                # 已登录
                print("已登录", request.user)
            else:
                res = request
                user = request.user
                return JsonResponse({"code": 0})

            # 调用被装饰的函数
            return view_func(request, *args, **kwargs)
        return _warpped_view
    return decorator



'''example code'''
# from django.conf import settings
# from django.http import JsonResponse
# from django.contrib.auth import get_user_model
# from django.core.exceptions import PermissionDenied

# def auth_permission_required(perm):
#     def decorator(view_func):
#         def _wrapped_view(request, *args, **kwargs):
#             # 格式化权限
#             perms = (perm,) if isinstance(perm, str) else perm
#
#             if request.user.is_authenticated:
#                 # 正常登录用户判断是否有权限
#                 if not request.user.has_perms(perms):
#                     raise PermissionDenied
#             else:
#                 try:
#                     auth = request.META.get('HTTP_AUTHORIZATION').split()
#                 except AttributeError:
#                     return JsonResponse({"code": 401, "message": "No authenticate header"})
#
#                 # 用户通过API获取数据验证流程
#                 if auth[0].lower() == 'token':
#                     try:
#                         dict = jwt.decode(auth[1], settings.SECRET_KEY, algorithms=['HS256'])
#                         username = dict.get('data').get('username')
#                     except jwt.ExpiredSignatureError:
#                         return JsonResponse({"status_code": 401, "message": "Token expired"})
#                     except jwt.InvalidTokenError:
#                         return JsonResponse({"status_code": 401, "message": "Invalid token"})
#                     except Exception as e:
#                         return JsonResponse({"status_code": 401, "message": "Can not get user object"})
#
#                     try:
#                         user = UserModel.objects.get(username=username)
#                     except UserModel.DoesNotExist:
#                         return JsonResponse({"status_code": 401, "message": "User Does not exist"})
#
#                     if not user.is_active:
#                         return JsonResponse({"status_code": 401, "message": "User inactive or deleted"})
#
#                     # Token登录的用户判断是否有权限
#                     if not user.has_perms(perms):
#                         return JsonResponse({"status_code": 403, "message": "PermissionDenied"})
#                 else:
#                     return JsonResponse({"status_code": 401, "message": "Not support auth type"})
#
#             return view_func(request, *args, **kwargs)
#
#         return _wrapped_view
#
#     return decorator
#
#
# @auth_permission_required('account.select_user')
# def user(request):
#     if request.method == 'GET':
#         _jsondata = {
#             "user": "ops-coffee",
#             "site": "https://ops-coffee.cn"
#         }
#
#         return JsonResponse({"state": 1, "message": _jsondata})
#     else:
#         return JsonResponse({"state": 0, "message": "Request method 'POST' not supported"})
